castle-rb 4.2.1 → 7.0.0

data/spec/lib/castle/context/{default_spec.rb → get_default_spec.rb}

@@ -1,17 +1,19 @@
 # frozen_string_literal: true
 
-describe Castle::Context::Default do
+describe Castle::Context::GetDefault do
   subject { described_class.new(request, nil) }
 
   let(:ip) { '1.2.3.4' }
   let(:client_id) { 'abcd' }
 
   let(:env) do
-    Rack::MockRequest.env_for('/',
-                              'HTTP_X_FORWARDED_FOR' => ip,
-                              'HTTP_ACCEPT_LANGUAGE' => 'en',
-                              'HTTP_USER_AGENT' => 'test',
-                              'HTTP_COOKIE' => "__cid=#{client_id};other=efgh")
+    Rack::MockRequest.env_for(
+      '/',
+      'HTTP_X_FORWARDED_FOR' => ip,
+      'HTTP_ACCEPT_LANGUAGE' => 'en',
+      'HTTP_USER_AGENT' => 'test',
+      'HTTP_COOKIE' => "__cid=#{client_id};other=efgh"
+    )
   end
   let(:request) { Rack::Request.new(env) }
   let(:default_context) { subject.call }
@@ -26,12 +28,9 @@ describe Castle::Context::Default do
     }
   end
 
-  before do
-    stub_const('Castle::VERSION', version)
-  end
+  before { stub_const('Castle::VERSION', version) }
 
   it { expect(default_context[:active]).to be_eql(true) }
-  it { expect(default_context[:origin]).to be_eql('web') }
   it { expect(default_context[:headers]).to be_eql(result_headers) }
   it { expect(default_context[:ip]).to be_eql(ip) }
   it { expect(default_context[:client_id]).to be_eql(client_id) }

data/spec/lib/castle/context/{merger_spec.rb → merge_spec.rb}

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-describe Castle::Context::Merger do
+describe Castle::Context::Merge do
   let(:first) { { test: { test1: { c: '4' } } } }
 
   describe '#call' do

data/spec/lib/castle/context/prepare_spec.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+describe Castle::Context::Prepare do
+  let(:ip) { '1.2.3.4' }
+  let(:cookie_id) { 'abcd' }
+  let(:ua) { 'Chrome' }
+  let(:env) do
+    Rack::MockRequest.env_for(
+      '/',
+      'HTTP_USER_AGENT' => ua,
+      'HTTP_X_FORWARDED_FOR' => ip,
+      'HTTP_COOKIE' => "__cid=#{cookie_id};other=efgh"
+    )
+  end
+  let(:request) { Rack::Request.new(env) }
+  let(:context) do
+    {
+      client_id: 'abcd',
+      active: true,
+      user_agent: ua,
+      headers: headers,
+      ip: ip,
+      library: {
+        name: 'castle-rb',
+        version: '6.0.0'
+      }
+    }
+  end
+
+  let(:headers) do
+    { 'Content-Length': '0', 'User-Agent': ua, 'X-Forwarded-For': ip.to_s, 'Cookie': true }
+  end
+
+  before { stub_const('Castle::VERSION', '6.0.0') }
+
+  describe '#call' do
+    subject(:generated) { described_class.call(request) }
+
+    context 'when active true' do
+      it { is_expected.to eql(context) }
+    end
+  end
+end

data/spec/lib/castle/context/{sanitizer_spec.rb → sanitize_spec.rb}

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-describe Castle::Context::Sanitizer do
+describe Castle::Context::Sanitize do
   let(:paylod) { { test: 'test' } }
 
   describe '#call' do

data/spec/lib/castle/core/get_connection_spec.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+describe Castle::Core::GetConnection do
+  describe '.call' do
+    subject(:class_call) { described_class.call }
+
+    context 'when ssl false' do
+      let(:localhost) { 'localhost' }
+      let(:port) { 3002 }
+      let(:api_url) { '/test' }
+
+      before do
+        Castle.config.base_url = 'http://localhost:3002'
+
+        allow(Net::HTTP).to receive(:new).with(localhost, port).and_call_original
+      end
+
+      it do
+        class_call
+
+        expect(Net::HTTP).to have_received(:new).with(localhost, port)
+      end
+
+      it { expect(class_call).to be_an_instance_of(Net::HTTP) }
+    end
+
+    context 'when ssl true' do
+      let(:localhost) { 'localhost' }
+      let(:port) { 443 }
+
+      before { Castle.config.base_url = 'https://localhost' }
+
+      context 'with block' do
+        let(:api_url) { '/test' }
+        let(:request) { Net::HTTP::Get.new(api_url) }
+
+        before { allow(Net::HTTP).to receive(:new).with(localhost, port).and_call_original }
+
+        it { expect(class_call).to be_an_instance_of(Net::HTTP) }
+      end
+    end
+  end
+end

data/spec/lib/castle/{api/response_spec.rb → core/process_response_spec.rb}

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-describe Castle::API::Response do
+describe Castle::Core::ProcessResponse do
   describe '#call' do
     subject(:call) { described_class.call(response) }
 
@@ -10,6 +10,54 @@ describe Castle::API::Response do
       it { expect(call).to eql(user: 1) }
     end
 
+    describe 'authenticate' do
+      context 'when allow without any additional props' do
+        let(:response) { OpenStruct.new(body: '{"action":"allow","user_id":"12345"}', code: 200) }
+
+        it { expect(call).to eql({ action: 'allow', user_id: '12345' }) }
+      end
+
+      context 'when allow with additional props' do
+        let(:response) do
+          OpenStruct.new(body: '{"action":"allow","user_id":"12345","internal":{}}', code: 200)
+        end
+
+        it { expect(call).to eql({ action: 'allow', user_id: '12345', internal: {} }) }
+      end
+
+      context 'when deny without risk policy' do
+        let(:response) do
+          OpenStruct.new(body: '{"action":"deny","user_id":"1","device_token":"abc"}', code: 200)
+        end
+
+        it { expect(call).to eql({ action: 'deny', user_id: '1', device_token: 'abc' }) }
+      end
+
+      context 'when deny with risk policy' do
+        let(:body) do
+          '{"action":"deny","user_id":"1","device_token":"abc",
+          "risk_policy":{"id":"123","revision_id":"abc","name":"def","type":"bot"}}'
+        end
+        let(:response) { OpenStruct.new({ body: body, code: 200 }) }
+
+        let(:result) do
+          {
+            action: 'deny',
+            user_id: '1',
+            device_token: 'abc',
+            risk_policy: {
+              id: '123',
+              revision_id: 'abc',
+              name: 'def',
+              type: 'bot'
+            }
+          }
+        end
+
+        it { expect(call).to eql(result) }
+      end
+    end
+
     context 'when response empty' do
       let(:response) { OpenStruct.new(body: '', code: 200) }
 

data/spec/lib/castle/core/process_webhook_spec.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+describe Castle::Core::ProcessWebhook do
+  describe '#call' do
+    subject(:call) { described_class.call(webhook) }
+
+    let(:webhook_body) do
+      {
+        api_version: 'v1',
+        app_id: '12345',
+        type: '$incident.confirmed',
+        created_at: '2020-12-18T12:55:21.779Z',
+        data: {
+          id: 'test',
+          device_token: 'token',
+          user_id: '',
+          trigger: '$login.succeeded',
+          context: {},
+          location: {},
+          user_agent: {}
+        },
+        user_traits: {},
+        properties: {},
+        policy: {}
+      }.to_json
+    end
+
+    let(:webhook) { OpenStruct.new(body: StringIO.new(webhook_body)) }
+
+    context 'when success' do
+      it { expect(call).to eql(webhook_body) }
+    end
+
+    context 'when webhook empty' do
+      let(:webhook) { OpenStruct.new(body: StringIO.new('')) }
+
+      it { expect { call }.to raise_error(Castle::ApiError, 'Invalid webhook from Castle API') }
+    end
+
+    context 'when webhook nil' do
+      let(:webhook) { OpenStruct.new(body: StringIO.new) }
+
+      it { expect { call }.to raise_error(Castle::ApiError, 'Invalid webhook from Castle API') }
+    end
+  end
+end

data/spec/lib/castle/core/send_request_spec.rb

@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+
+describe Castle::Core::SendRequest do
+  let(:config) { Castle.config }
+
+  describe '#call' do
+    let(:command) { Castle::Commands::Track.build(event: '$login.succeeded') }
+    let(:headers) { {} }
+    let(:request_build) { {} }
+    let(:expected_headers) { { 'Content-Type' => 'application/json' } }
+    let(:http) { instance_double('Net::HTTP') }
+
+    context 'without http arg provided' do
+      subject(:call) { described_class.call(command, headers, nil, config) }
+
+      let(:http) { instance_double('Net::HTTP') }
+      let(:command) { Castle::Commands::Track.build(event: '$login.succeeded') }
+      let(:headers) { {} }
+      let(:request_build) { {} }
+      let(:expected_headers) { { 'Content-Type' => 'application/json' } }
+
+      before do
+        allow(Castle::Core::GetConnection).to receive(:call).and_return(http)
+        allow(http).to receive(:request)
+        allow(described_class).to receive(:build).and_return(request_build)
+        call
+      end
+
+      it do
+        expect(described_class).to have_received(:build).with(command, expected_headers, config)
+      end
+
+      it { expect(http).to have_received(:request).with(request_build) }
+    end
+
+    context 'with http arg provided' do
+      subject(:call) { described_class.call(command, headers, http, config) }
+
+      before do
+        allow(Castle::Core::GetConnection).to receive(:call)
+        allow(http).to receive(:request)
+        allow(described_class).to receive(:build).and_return(request_build)
+        call
+      end
+
+      it { expect(Castle::Core::GetConnection).not_to have_received(:call) }
+
+      it do
+        expect(described_class).to have_received(:build).with(command, expected_headers, config)
+      end
+
+      it { expect(http).to have_received(:request).with(request_build) }
+    end
+  end
+
+  describe '#build' do
+    subject(:build) { described_class.build(command, headers, config) }
+
+    let(:headers) { { 'SAMPLE-HEADER' => '1' } }
+    let(:api_secret) { 'secret' }
+
+    context 'when post' do
+      let(:time) { Time.now.utc.iso8601(3) }
+      let(:command) { Castle::Commands::Track.build(event: '$login.succeeded', name: "\xC4") }
+      let(:expected_body) { { event: '$login.succeeded', name: '�', context: {}, sent_at: time } }
+
+      before { allow(Castle::Utils::GetTimestamp).to receive(:call).and_return(time) }
+
+      it { expect(build.body).to be_eql(expected_body.to_json) }
+      it { expect(build.method).to eql('POST') }
+      it { expect(build.path).to eql("/v1/#{command.path}") }
+      it { expect(build.to_hash).to have_key('authorization') }
+      it { expect(build.to_hash).to have_key('sample-header') }
+      it { expect(build.to_hash['sample-header']).to eql(['1']) }
+    end
+  end
+end

data/spec/lib/castle/failover/strategy_spec.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+describe Castle::Failover::Strategy do
+  subject(:strategy) { described_class }
+
+  it { expect(strategy::ALLOW).to be_eql(:allow) }
+  it { expect(strategy::DENY).to be_eql(:deny) }
+  it { expect(strategy::CHALLENGE).to be_eql(:challenge) }
+  it { expect(strategy::THROW).to be_eql(:throw) }
+
+  it { expect(Castle::Failover::STRATEGIES).to be_eql(%i[allow deny challenge throw]) }
+end

data/spec/lib/castle/{extractors/headers_spec.rb → headers/extract_spec.rb}

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
-describe Castle::Extractors::Headers do
-  subject(:headers) { described_class.new(formatted_headers).call }
+describe Castle::Headers::Extract do
+  subject(:extract_call) { described_class.new(formatted_headers).call }
 
   let(:formatted_headers) do
     {
@@ -16,11 +16,11 @@ describe Castle::Extractors::Headers do
   end
 
   after do
-    Castle.config.whitelisted = %w[]
-    Castle.config.blacklisted = %w[]
+    Castle.config.allowlisted = %w[]
+    Castle.config.denylisted = %w[]
   end
 
-  context 'when whitelist is not set in the configuration' do
+  context 'when allowlist is not set in the configuration' do
     let(:result) do
       {
         'Accept' => 'application/json',
@@ -33,11 +33,11 @@ describe Castle::Extractors::Headers do
       }
     end
 
-    it { expect(headers).to eq(result) }
+    it { expect(extract_call).to eq(result) }
   end
 
-  context 'when whitelist is set in the configuration' do
-    before { Castle.config.whitelisted = %w[Accept OK] }
+  context 'when allowlist is set in the configuration' do
+    before { Castle.config.allowlisted = %w[Accept OK] }
 
     let(:result) do
       {
@@ -51,10 +51,10 @@ describe Castle::Extractors::Headers do
       }
     end
 
-    it { expect(headers).to eq(result) }
+    it { expect(extract_call).to eq(result) }
   end
 
-  context 'when blacklist is set in the configuration' do
+  context 'when denylist is set in the configuration' do
     context 'with a User-Agent' do
       let(:result) do
         {
@@ -68,9 +68,9 @@ describe Castle::Extractors::Headers do
         }
       end
 
-      before { Castle.config.blacklisted = %w[User-Agent] }
+      before { Castle.config.denylisted = %w[User-Agent] }
 
-      it { expect(headers).to eq(result) }
+      it { expect(extract_call).to eq(result) }
     end
 
     context 'with a different header' do
@@ -86,20 +86,18 @@ describe Castle::Extractors::Headers do
         }
       end
 
-      before { Castle.config.blacklisted = %w[Accept] }
+      before { Castle.config.denylisted = %w[Accept] }
 
-      it { expect(headers).to eq(result) }
+      it { expect(extract_call).to eq(result) }
     end
   end
 
-  context 'when a header is both whitelisted and blacklisted' do
+  context 'when a header is both allowlisted and denylisted' do
     before do
-      Castle.config.whitelisted = %w[Accept]
-      Castle.config.blacklisted = %w[Accept]
+      Castle.config.allowlisted = %w[Accept]
+      Castle.config.denylisted = %w[Accept]
     end
 
-    it do
-      expect(headers['Accept']).to eq(true)
-    end
+    it { expect(extract_call['Accept']).to eq(true) }
   end
 end

data/spec/lib/castle/headers/filter_spec.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+describe Castle::Headers::Filter do
+  subject(:filter_call) { described_class.new(request).call }
+
+  let(:env) do
+    result =
+      Rack::MockRequest.env_for(
+        '/',
+        'Action-Dispatch.request.content-Type' => 'application/json',
+        'HTTP_AUTHORIZATION' => 'Basic 123456',
+        'HTTP_COOKIE' => '__cid=abcd;other=efgh',
+        'HTTP_ACCEPT' => 'application/json',
+        'HTTP_X_FORWARDED_FOR' => '1.2.3.4',
+        'HTTP_USER_AGENT' => 'Mozilla 1234',
+        'TEST' => '1',
+        'REMOTE_ADDR' => '1.2.3.4'
+      )
+    result[:HTTP_OK] = 'OK'
+    result
+  end
+  let(:filtered) do
+    {
+      'Accept' => 'application/json',
+      'Authorization' => 'Basic 123456',
+      'Cookie' => '__cid=abcd;other=efgh',
+      'Content-Length' => '0',
+      'Ok' => 'OK',
+      'User-Agent' => 'Mozilla 1234',
+      'Remote-Addr' => '1.2.3.4',
+      'X-Forwarded-For' => '1.2.3.4'
+    }
+  end
+  let(:request) { Rack::Request.new(env) }
+
+  context 'with list of header' do
+    it { expect(filter_call).to eq(filtered) }
+  end
+end